Scheduled Download from MDS #8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Scheduled Download from MDS | |
on: | |
schedule: | |
- cron: '0 12 1 * *' # Update first of the month | |
workflow_dispatch: | |
inputs: | |
logLevel: | |
description: 'Log level' | |
required: true | |
default: 'warning' | |
tags: | |
description: 'Test scenario tags' | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: '3.x' | |
- name: Install python packages | |
run: | | |
python -m pip install --upgrade pip | |
pip install requests | |
- uses: jannekem/run-python-script-action@v1 | |
id: script | |
with: | |
fail-on-error: false | |
script: | | |
import os | |
import requests | |
import base64 | |
import json | |
# Download MDS blob from FIDO endpoint | |
response = requests.get("https://mds.fidoalliance.org/") | |
mdstocjwt = response.content.decode('ascii') | |
# Parse out MDS data from JWT | |
jwt_payload = mdstocjwt.split('.')[1].replace('-', '+').replace('_', '/') | |
while len(jwt_payload) % 4: | |
jwt_payload += "=" | |
mds_bytes = base64.b64decode(jwt_payload) | |
mds_strings = mds_bytes.decode('utf-8') | |
mds_data = json.loads(mds_strings) | |
# Build commit msg and export to environment variable | |
mds_number = mds_data['no'] | |
mds_next = mds_data['nextUpdate'] | |
commit_msg=f'COMMIT_MSG=from MDS file version {mds_number}, next update expected {mds_next}.' | |
env_file = os.getenv('GITHUB_ENV') | |
with open(env_file, "a") as myfile: | |
myfile.write(commit_msg) | |
# Extract FIDO2 statements with non-null aaguid and required properties | |
fido2_statements = [ | |
entry['metadataStatement'] | |
for entry in mds_data['entries'] | |
if entry.get('aaguid') is not None | |
] | |
# Create a dictionary with the desired structure | |
result_dict = {} | |
for statement in fido2_statements: | |
result_dict[statement['aaguid']] = { | |
"name": statement['description'], | |
"icon_light": statement.get('icon', None), | |
"icon_dark": statement.get('icon', None) | |
} | |
# import custom aaguid.json | |
with open('aaguid.json', 'r') as aaguid_file: | |
aaguid = json.load(aaguid_file) | |
# Combine custom aaguid.json with data from MDS | |
result = {**result_dict, **aaguid} | |
# Write combined result to file | |
with open('combined_aaguid.json', 'w') as output_file: | |
json.dump(result, output_file) | |
- name: Commit files and push | |
run: | | |
git config --local user.email "[email protected]" | |
git config --local user.name "GitHub Action" | |
git add -A | |
timestamp=$(date -u -I) | |
git commit -m "bot: Updated ${timestamp}, ${{ env.COMMIT_MSG }}" -a || exit 0 | |
git push |